$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa File: 29bedfc3-5012-48c2-8699-377e478d8269.roa (raw, json) Hash identifier: jjV0FhylYXc6ailmfdCxRPyRzgWCmsi47mz1EG72FG0= Subject key identifier: 33:B3:EC:88:1C:B5:83:8F:F8:A1:1A:E5:5B:00:D0:45:CA:F5:A7:9B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 66D3827C627BB9FE6706723FDBCD04552C624E12 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa Signing time: Wed 13 May 2026 00:10:31 +0000 ROA not before: Wed 13 May 2026 00:10:31 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:d3:82:7c:62:7b:b9:fe:67:06:72:3f:db:cd:04:55:2c:62:4e:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:31 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=cf2edf61453e917d405c06fc32fcda68384eb6d8352a9f1ea6e296001b68c3d0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:97:93:24:52:6b:3d:18:db:79:74:04:ab:f3: c3:33:7a:39:10:4d:53:d3:94:ca:8d:d1:ea:41:c9: d7:e0:29:ae:cd:94:c7:6b:23:77:b9:c6:07:3b:fa: cd:b5:cb:7a:56:c8:28:d1:90:f0:e0:d4:16:93:dd: 97:54:45:04:70:c9:15:22:8a:01:1b:62:89:18:9e: 5b:7c:50:67:ef:73:9e:ad:0f:35:06:08:0d:d5:a1: 1e:d8:07:43:80:34:7e:ca:69:5e:b1:12:fd:b8:57: 7c:17:74:64:55:2d:c1:2d:66:92:61:96:07:f8:be: 85:36:47:60:8f:6d:27:f0:c5:ef:4a:4b:ea:be:ab: 94:82:bb:07:47:dc:1e:fd:7f:df:02:f5:e1:3a:eb: 21:e9:7a:bb:1f:8d:ec:df:5d:18:4b:ba:35:af:ce: e5:94:23:b5:3b:ec:01:dc:fd:8b:12:07:a6:e3:b4: ef:3b:b3:d6:5a:04:fb:82:33:f6:f2:4e:8c:f2:e6: b0:2b:88:05:66:fe:bd:cd:10:19:dc:b2:4f:6c:42: b4:81:ab:ea:6e:46:3f:43:ab:cc:2e:0c:80:d0:89: 5b:50:ec:f4:3e:8f:5e:d5:0b:73:6f:1e:f5:58:37: a9:1a:59:12:e3:46:ec:64:d1:bf:00:16:bf:48:a4: 0d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:B3:EC:88:1C:B5:83:8F:F8:A1:1A:E5:5B:00:D0:45:CA:F5:A7:9B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29bedfc3-5012-48c2-8699-377e478d8269.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:1000::/40 Signature Algorithm: sha256WithRSAEncryption a3:33:e7:e9:7e:cc:f3:8a:b9:9d:28:06:0f:81:6b:f2:58:ef: 18:40:29:68:bc:f8:b0:d9:00:6d:4c:db:63:c8:38:c8:37:34: 4f:f4:76:d2:92:94:7d:b7:c0:28:d8:a3:11:c7:69:85:d7:28: 61:43:dd:7b:77:bb:df:f7:3b:45:3a:c8:42:22:e1:21:b4:5b: c8:db:9b:ec:45:9c:58:4a:76:60:23:92:ae:3e:1e:fe:db:05: 5f:fc:06:3e:1a:c6:55:c5:33:ee:ad:29:06:94:6c:e8:b5:7a: e1:14:8a:47:32:74:cb:33:2f:61:65:c0:cd:2f:3b:26:f4:40: 57:3c:69:57:33:11:8a:ab:8b:05:49:da:16:90:00:3d:3b:99: 38:09:ae:7d:ef:2e:a1:4f:9b:cc:5e:c8:c6:b1:8c:9d:d1:97: e1:89:48:e5:3b:2e:28:66:67:95:3e:ab:c2:bc:82:86:3b:54: b1:67:57:f6:38:17:6e:a8:e7:ed:09:19:05:d4:06:94:43:9f: 63:f7:e6:d8:bd:46:73:6a:77:5f:85:a5:e3:1c:64:29:8e:e5: 56:6e:0f:9a:aa:74:07:eb:3e:4b:8c:e1:be:67:89:f4:9d:ff: a1:bc:45:47:2a:43:c4:c1:2a:15:6b:10:2c:e5:eb:80:3a:c2: 09:b8:87:44 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZtOCfGJ7uf5nBnI/280EVSxiThIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTAzMVoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAY2YyZWRmNjE0NTNlOTE3ZDQwNWMw NmZjMzJmY2RhNjgzODRlYjZkODM1MmE5ZjFlYTZlMjk2MDAxYjY4YzNkMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZeTJFJrPRjbeXQEq/PDM3o5EE1T 05TKjdHqQcnX4CmuzZTHayN3ucYHO/rNtct6Vsgo0ZDw4NQWk92XVEUEcMkVIooB G2KJGJ5bfFBn73OerQ81BggN1aEe2AdDgDR+ymlesRL9uFd8F3RkVS3BLWaSYZYH +L6FNkdgj20n8MXvSkvqvquUgrsHR9we/X/fAvXhOush6Xq7H43s310YS7o1r87l lCO1O+wB3P2LEgem47TvO7PWWgT7gjP28k6M8uawK4gFZv69zRAZ3LJPbEK0gavq bkY/Q6vMLgyA0IlbUOz0Po9e1Qtzbx71WDepGlkS40bsZNG/ABa/SKQNtwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDOz7IgctYOP+KEa5VsA0EXK9aebMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI5YmVkZmMzLTUwMTItNDhjMi04Njk5LTM3N2U0NzhkODI2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNhAwDQYJKoZIhvcNAQELBQADggEBAKMz5+l+zPOKuZ0oBg+B a/JY7xhAKWi8+LDZAG1M22PIOMg3NE/0dtKSlH23wCjYoxHHaYXXKGFD3Xt3u9/3 O0U6yEIi4SG0W8jbm+xFnFhKdmAjkq4+Hv7bBV/8Bj4axlXFM+6tKQaUbOi1euEU ikcydMszL2FlwM0vOyb0QFc8aVczEYqriwVJ2haQAD07mTgJrn3vLqFPm8xeyMax jJ3Rl+GJSOU7LihmZ5U+q8K8goY7VLFnV/Y4F26o5+0JGQXUBpRDn2P35ti9RnNq d1+FpeMcZCmO5VZuD5qqdAfrPkuM4b5nifSd/6G8RUcqQ8TBKhVrECzl64A6wgm4 h0Q= -----END CERTIFICATE-----Generated at Sat Jun 13 09:16:05 2026 by rpki-client